Adobe: Beware of fake Flash downloads

Tuesday, August 5th, 2008

Amidst confirmed reports that malicious hackers are starting to use fake Flash Player downloads as social engineering lures for malware, Adobe has issued a call-to-arms for users to validate installers before downloading software updates.The company’s notice comes on the heels of malware attacks on Facebook, MySpace and Twitter that attempt ...

Beware Fake Malware Cleaner Programs

Sunday, July 27th, 2008

Chinese hackers are sending out malware masquerading as the Trend Micro Virus Clean Tool, according to Trend. The example in the linked Trend blog is in Chinese, so perhaps the threat is only real in China (and Taiwan). But the example is instructive.The threat arrives as an e-mail which looks ...

Storm botnet stages Fourth of July attacks

Saturday, July 5th, 2008

As predicted, hackers tried to trick users into downloading the Storm bot Trojan Friday by unleashing a flood of Fourth of July spam bearing links to malicious sites, several security companies reported.The spam campaign, anticipated earlier in the week by MX Logic Inc., used messages with subject headings ranging from ...

New tools to block and eradicate SQL injection

Tuesday, June 24th, 2008

The MSRC released an advisory today that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the purpose of each, and the way each complements the others. The goal of this blog post is ...

Making The Move To Multiple Browsers

Tuesday, June 3rd, 2008

For a while now I’ve been using different web browsers to compartmentalize my risk. Most of my primary browsing is in one browser, but I use another for potentially risky activities I want to isolate more. Running different browsers for different sessions isolates certain types of attacks. For example, unless ...